mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 03:41:45 +00:00
Merge pull request #41023 from deads2k/apiserver-05-config-move
Automatic merge from submit-queue (batch tested with PRs 41023, 41031, 40947) move admission read logic to apiserver Promised followup to https://github.com/kubernetes/kubernetes/pull/40943 @sttts @kubernetes/sig-api-machinery-misc
This commit is contained in:
commit
03db7eac03
@ -275,7 +275,7 @@ func Run(s *options.ServerRunOptions) error {
|
||||
|
||||
admissionControlPluginNames := strings.Split(s.GenericServerRunOptions.AdmissionControl, ",")
|
||||
pluginInitializer := kubeadmission.NewPluginInitializer(client, sharedInformers, apiAuthorizer)
|
||||
admissionConfigProvider, err := kubeadmission.ReadAdmissionConfiguration(admissionControlPluginNames, s.GenericServerRunOptions.AdmissionControlConfigFile)
|
||||
admissionConfigProvider, err := admission.ReadAdmissionConfiguration(admissionControlPluginNames, s.GenericServerRunOptions.AdmissionControlConfigFile)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read plugin config: %v", err)
|
||||
}
|
||||
|
@ -163,7 +163,7 @@ func Run(s *options.ServerRunOptions) error {
|
||||
|
||||
admissionControlPluginNames := strings.Split(s.GenericServerRunOptions.AdmissionControl, ",")
|
||||
pluginInitializer := kubeapiserveradmission.NewPluginInitializer(client, sharedInformers, apiAuthorizer)
|
||||
admissionConfigProvider, err := kubeapiserveradmission.ReadAdmissionConfiguration(admissionControlPluginNames, s.GenericServerRunOptions.AdmissionControlConfigFile)
|
||||
admissionConfigProvider, err := admission.ReadAdmissionConfiguration(admissionControlPluginNames, s.GenericServerRunOptions.AdmissionControlConfigFile)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read plugin config: %v", err)
|
||||
}
|
||||
|
@ -271,7 +271,6 @@ staging/src/k8s.io/apimachinery/pkg/util/json
|
||||
staging/src/k8s.io/apimachinery/pkg/util/validation/field
|
||||
staging/src/k8s.io/apimachinery/pkg/version
|
||||
staging/src/k8s.io/apimachinery/pkg/watch
|
||||
staging/src/k8s.io/apiserver/pkg/apis
|
||||
staging/src/k8s.io/apiserver/pkg/apis/apiserver/install
|
||||
staging/src/k8s.io/apiserver/pkg/apis/example/install
|
||||
staging/src/k8s.io/apiserver/pkg/authentication/authenticator
|
||||
|
@ -10,39 +10,23 @@ load(
|
||||
|
||||
go_test(
|
||||
name = "go_default_test",
|
||||
srcs = [
|
||||
"config_test.go",
|
||||
"init_test.go",
|
||||
],
|
||||
srcs = ["init_test.go"],
|
||||
library = ":go_default_library",
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apiserver/pkg/admission",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/authorization/authorizer",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "go_default_library",
|
||||
srcs = [
|
||||
"config.go",
|
||||
"initializer.go",
|
||||
],
|
||||
srcs = ["initializer.go"],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//pkg/client/clientset_generated/internalclientset:go_default_library",
|
||||
"//pkg/controller/informers:go_default_library",
|
||||
"//vendor:github.com/ghodss/yaml",
|
||||
"//vendor:github.com/golang/glog",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||
"//vendor:k8s.io/apiserver/pkg/admission",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
"//vendor:k8s.io/apiserver/pkg/authorization/authorizer",
|
||||
],
|
||||
)
|
||||
|
@ -29,17 +29,27 @@ import (
|
||||
|
||||
"bytes"
|
||||
|
||||
"k8s.io/apimachinery/pkg/apimachinery/announced"
|
||||
"k8s.io/apimachinery/pkg/apimachinery/registered"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||
"k8s.io/apimachinery/pkg/util/sets"
|
||||
"k8s.io/apiserver/pkg/admission"
|
||||
"k8s.io/apiserver/pkg/apis"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/install"
|
||||
apiserverv1alpha1 "k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
|
||||
|
||||
_ "k8s.io/apiserver/pkg/apis/apiserver/install"
|
||||
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
var (
|
||||
groupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
|
||||
registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
|
||||
scheme = runtime.NewScheme()
|
||||
codecs = serializer.NewCodecFactory(scheme)
|
||||
)
|
||||
|
||||
func init() {
|
||||
install.Install(groupFactoryRegistry, registry, scheme)
|
||||
}
|
||||
|
||||
func makeAbs(path, base string) (string, error) {
|
||||
if filepath.IsAbs(path) {
|
||||
return path, nil
|
||||
@ -60,7 +70,7 @@ func makeAbs(path, base string) (string, error) {
|
||||
// set of pluginNames whose config location references the specified configFilePath.
|
||||
// It does this to preserve backward compatibility when admission control files were opaque.
|
||||
// It returns an error if the file did not exist.
|
||||
func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (admission.ConfigProvider, error) {
|
||||
func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (ConfigProvider, error) {
|
||||
if configFilePath == "" {
|
||||
return configProvider{config: &apiserver.AdmissionConfiguration{}}, nil
|
||||
}
|
||||
@ -69,7 +79,7 @@ func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (ad
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to read admission control configuration from %q [%v]", configFilePath, err)
|
||||
}
|
||||
decoder := apis.Codecs.UniversalDecoder()
|
||||
decoder := codecs.UniversalDecoder()
|
||||
decodedObj, err := runtime.Decode(decoder, data)
|
||||
// we were able to decode the file successfully
|
||||
if err == nil {
|
||||
@ -109,9 +119,9 @@ func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (ad
|
||||
Path: configFilePath})
|
||||
}
|
||||
}
|
||||
apis.Scheme.Default(externalConfig)
|
||||
scheme.Default(externalConfig)
|
||||
internalConfig := &apiserver.AdmissionConfiguration{}
|
||||
if err := apis.Scheme.Convert(externalConfig, internalConfig, nil); err != nil {
|
||||
if err := scheme.Convert(externalConfig, internalConfig, nil); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return configProvider{config: internalConfig}, nil
|
||||
@ -170,7 +180,7 @@ func (p configProvider) ConfigFor(pluginName string) (io.Reader, error) {
|
||||
|
||||
// writeYAML writes the specified object to a byte array as yaml.
|
||||
func writeYAML(obj runtime.Object) ([]byte, error) {
|
||||
json, err := runtime.Encode(apis.Codecs.LegacyCodec(), obj)
|
||||
json, err := runtime.Encode(codecs.LegacyCodec(), obj)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
@ -23,7 +23,6 @@ import (
|
||||
"testing"
|
||||
|
||||
"k8s.io/apiserver/pkg/apis/apiserver"
|
||||
_ "k8s.io/apiserver/pkg/apis/apiserver/install"
|
||||
)
|
||||
|
||||
func TestReadAdmissionConfiguration(t *testing.T) {
|
@ -16,6 +16,6 @@ limitations under the License.
|
||||
|
||||
// +k8s:deepcopy-gen=package,register
|
||||
|
||||
// Package api is the internal version of the API.
|
||||
// Package apiserver is the internal version of the API.
|
||||
// +groupName=apiserver.k8s.io
|
||||
package apiserver // import "k8s.io/apiserver/pkg/apis/apiserver"
|
||||
|
@ -21,15 +21,10 @@ import (
|
||||
"k8s.io/apimachinery/pkg/apimachinery/registered"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/util/sets"
|
||||
"k8s.io/apiserver/pkg/apis"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
|
||||
)
|
||||
|
||||
func init() {
|
||||
Install(apis.GroupFactoryRegistry, apis.Registry, apis.Scheme)
|
||||
}
|
||||
|
||||
// Install registers the API group and adds types to a scheme
|
||||
func Install(groupFactoryRegistry announced.APIGroupFactoryRegistry, registry *registered.APIRegistrationManager, scheme *runtime.Scheme) {
|
||||
if err := announced.NewGroupMetaFactory(
|
||||
|
@ -1,41 +0,0 @@
|
||||
/*
|
||||
Copyright 2014 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package apis
|
||||
|
||||
import (
|
||||
"os"
|
||||
|
||||
"k8s.io/apimachinery/pkg/apimachinery/announced"
|
||||
"k8s.io/apimachinery/pkg/apimachinery/registered"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||
)
|
||||
|
||||
// TODO all of these fall out when we move the admission read back into apiserver
|
||||
|
||||
// GroupFactoryRegistry is the APIGroupFactoryRegistry (overlaps a bit with Registry, see comments in package for details)
|
||||
var GroupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
|
||||
|
||||
// Registry is an instance of an API registry. This is an interim step to start removing the idea of a global
|
||||
// API registry.
|
||||
var Registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
|
||||
|
||||
// Scheme is the default instance of runtime.Scheme to which types in the Kubernetes API are already registered.
|
||||
var Scheme = runtime.NewScheme()
|
||||
|
||||
// Codecs provides access to encoding and decoding for the scheme
|
||||
var Codecs = serializer.NewCodecFactory(Scheme)
|
31
vendor/BUILD
vendored
31
vendor/BUILD
vendored
@ -8724,10 +8724,16 @@ go_library(
|
||||
|
||||
go_test(
|
||||
name = "k8s.io/apiserver/pkg/admission_test",
|
||||
srcs = ["k8s.io/apiserver/pkg/admission/chain_test.go"],
|
||||
srcs = [
|
||||
"k8s.io/apiserver/pkg/admission/chain_test.go",
|
||||
"k8s.io/apiserver/pkg/admission/config_test.go",
|
||||
],
|
||||
library = ":k8s.io/apiserver/pkg/admission",
|
||||
tags = ["automanaged"],
|
||||
deps = ["//vendor:k8s.io/apimachinery/pkg/runtime/schema"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/schema",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
@ -8735,6 +8741,7 @@ go_library(
|
||||
srcs = [
|
||||
"k8s.io/apiserver/pkg/admission/attributes.go",
|
||||
"k8s.io/apiserver/pkg/admission/chain.go",
|
||||
"k8s.io/apiserver/pkg/admission/config.go",
|
||||
"k8s.io/apiserver/pkg/admission/errors.go",
|
||||
"k8s.io/apiserver/pkg/admission/handler.go",
|
||||
"k8s.io/apiserver/pkg/admission/interfaces.go",
|
||||
@ -8742,13 +8749,20 @@ go_library(
|
||||
],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:github.com/ghodss/yaml",
|
||||
"//vendor:github.com/golang/glog",
|
||||
"//vendor:k8s.io/apimachinery/pkg/api/errors",
|
||||
"//vendor:k8s.io/apimachinery/pkg/api/meta",
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/announced",
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/schema",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/serializer",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/errors",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
"//vendor:k8s.io/apiserver/pkg/authentication/user",
|
||||
],
|
||||
)
|
||||
@ -15194,18 +15208,6 @@ go_library(
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis",
|
||||
srcs = ["k8s.io/apiserver/pkg/apis/register.go"],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/announced",
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/serializer",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis/apiserver",
|
||||
srcs = [
|
||||
@ -15232,7 +15234,6 @@ go_library(
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
],
|
||||
|
Loading…
Reference in New Issue
Block a user